Beware the Ransomware that will make you “Wanna Cry”

As you have no doubt already heard, a vicious strain of ransomware named “Wanna Cry” spread rapidly across the globe this last weekend, affecting more than 150 000 computers in 99 countries. Friday’s attack, one of the worst in history, confirmed analysts warnings that ransomware is now the most common and dangerous form of cyber criminality facing both businesses and individuals.

The “Wanna Cry” virus made use of a known Windows vulnerability. Although the initial attack was contained when a security researcher disabled a key mechanism used by the worm to spread, experts are already warning of further attacks and even greater global fallout in the coming days….

The malware, using a technique reportedly stolen from the US National Security Agency, interrupted care in hospitals across the UK. It also impacted Russia’s ministry of interior and infected company computer systems in countries from Eastern Europe to the US and across Asia.

What does it look like?

This strain of ransomware infects victims through a hyperlink sent via email, web adverts and even a dropbox link. It encrypts your files and uses the same encryption used by WhatsApp. The best defense against this is education so it’s important that you tell family members (if you share a network or IT device like a tablet or laptop) and co-workers that you share a network with to NOT TO OPEN ANYTHING THEY DON’T RECOGNIZE.

You’ll immediately know if you have been infected. You will be greeted by a popup screen saying “Ooops, your important files are encrypted.” The encrypted files will have the extension.WCRY added to their names. It will also change your desktop wallpaper to a ransom note.

How do I get my data back?

At this stage you can’t – unless you have a backup to restore. In cases where the backup has not been setup properly, your backups could also get encrypted. This is why it is crucial you have a proper backup system, with multiple methods of backup, in place and that it’s been tested. The other alternative is to pay. If you pay there’s no guarantee you won’t get infected again in six months time and you will also, in a small way, be contributing to the success of hackers.

How do I prevent it?

It is also very important that you keep your software up-to-date and run security patches if they’re available.

If you are a Dial a Nerd customer with a SonicWall Firewall, you have built in protection already. If you are an SLA customer, we have additional ways to protect you from attacks like this by monitoring your network on a daily basis.

Be Alert!

This attack, which is still ongoing and continues to wreak havoc, is yet another stark reminder of why it is so incredibly important to back-up your files and to educate yourself around suspicious activity online.

Secondly, it should remind you that you most definitely should have an anti-virus installed on all your devices. If you are using the more old-fashioned email systems or out-of-date operating systems, we also strongly suggest that you upgrade soon. Moving to a cloud-based mail system like Office 365 means you are much less vulnerable and backups happen automatically.

Now is the time to act. Don’t wait for disaster to strike!

Dial a Nerd is providing Preventative maintenance by

Downloading some Patches from Microsoft

Updating and scanning with Antivirus program

Running SFC system scans

Searching for the virus extensions on the server

The whole process takes +- 1 Hour on a server, we can do it remotely. Contact us on 010 007 0012 or email helpdesk@dialanerd.co.za